Securing access to restricted resources is a challenging issue and may require a careful evaluation of contradictory considerations. On one hand a need exists to ensure that restricted resources can be only accessed by authorized individuals (i.e., which sometimes can lead to an escalation of verification measures). On the other hand, there is a need to implement secure access measures that are as convenient and seamless as possible to avoid bothering people (i.e., which may result in making them turn away).
Different solutions have been considered to address these two conflicting objectives. One solution involves unregistered users who want to access a given resource. For these users, a full n-factor authentication process requires a user to provide various forms of proofs of identification (e.g., as many proofs as the paranoia of security enforcers may think of) of his or her identity. This approach may be very bothersome and annoying to the use and generally slows down significantly the time spent to pass, for example, checkpoint gates. As a result, long queues can occur in front of these gates.
The flip side of this approach involves registered users. In order to address the bottleneck issue at security gates, security enforcers have developed the concept of registered/frequent/trusted users. These users pre-register with a given security program providing all personal information required by the security policy. Such users receive a specific user ID which will allow them, first, to be recognized by the system (i.e., hence, less identification proof needs to be provided); and second, to pass security check-points faster (i.e., as the n-factor authentication process could be relaxed). The problem with this approach is that people may not be willing to (or could not) pre-register. Specifically when security is required for a single event, the users typically do not plan to become frequent users.